New Security Bulletins for September
This just came across my desk.
The purpose of this alert is to provide you with a summary of the Microsoft September 26 2006 Security Bulletin release.
New Security Bulletins for September 26 2006
Microsoft is releasing the following security bulletins for newly discovered vulnerabilities:
MAXIMUM SEVERITY |
BULLETIN NUMBER |
PRODUCTS AFFECTED |
IMPACT |
Critical |
MS06-055 |
Windows XP SP1/SP2/X64, Windows 2003/SP1/SP1 for Itanium/2003 for x64 |
Remote Code Execution |
The summary for this bulletin can be found at the following page:
https://www.microsoft.com/technet/security/Bulletin/MS06-055.mspx
Re-released Security Bulletins
In addition, Microsoft is re-releasing the following security bulletins
(NOTE: This list conains ONLY those products affected by the re-release and the severity of the vulnerability for those products affected by the re-release)
MAXIMUM SEVERITY RATING |
BULLETIN NUMBER |
PRODUCTS AFFECTED (re-release only) |
IMPACT |
Important |
MS06-049 |
Windows 2000 SP4 |
Elevation of Privilege |
Information on these re-released bulletins may be found at the following pages:
https://www.microsoft.com/technet/security/Bulletin/MS06-049.mspx
Customers are advised to review the information in the bulletins, test and deploy the updates immediately in their environments, if applicable.
TechNet Webcast: Information about Microsoft's 26 September 2006 Security Bulletins (Level 100)
Wednesday, September 27, 2006 11:00 AM (GMT-08:00) Pacific Time (US & Canada)
https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032311209&Culture=en-US
================================================
Security Bulletin Details
================================================
MS06-055
Title: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)
Affected Software:
- Microsoft Windows XP Service Pack 1
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
Affected Components:
- Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
- Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Restart required: Maybe, if the file is in use. See KB Article 887012 at https://support.microsoft.com/kb/887012
Update can be uninstalled: Yes, Add or Remove Programs
More information on this vulnerability is available at: https://www.microsoft.com/technet/security/Bulletin/MS06-055.mspx
**********************************************************************
Re-Release Information:
MS06-049
Title: Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)
Affected Software (re-release only):
- Microsoft Windows 2000 Service Pack 4
Impact of Vulnerability: Elevation of Privilege
Maximum Severity Rating: Important
Reason for Re-release:
The update has been revised and re-released for Microsoft Windows 2000 Service Pack 4 to address issues identified in Microsoft Knowledge Base Article 920958.
More information on this re-released bulletin is available at: https://www.microsoft.com/technet/security/bulletin/MS06-049.mspx
Cheers, Jeffa